Filtered by vendor Gnu
Subscribe
Total
1065 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47007 | 1 Gnu | 1 Binutils | 2023-08-26 | N/A | 5.5 MEDIUM |
| An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | |||||
| CVE-2022-28736 | 1 Gnu | 1 Grub2 | 2023-08-25 | N/A | 7.8 HIGH |
| There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2's memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved. | |||||
| CVE-2022-28735 | 1 Gnu | 1 Grub2 | 2023-08-25 | N/A | 7.8 HIGH |
| The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain. | |||||
| CVE-2022-28733 | 1 Gnu | 1 Grub2 | 2023-08-25 | N/A | 8.1 HIGH |
| Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer. | |||||
| CVE-2021-46174 | 1 Gnu | 1 Binutils | 2023-08-25 | N/A | 7.5 HIGH |
| Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | |||||
| CVE-2020-19726 | 1 Gnu | 1 Binutils | 2023-08-25 | N/A | 8.8 HIGH |
| An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. | |||||
| CVE-2021-32256 | 1 Gnu | 1 Binutils | 2023-08-24 | N/A | 6.5 MEDIUM |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||||
| CVE-2019-9077 | 4 Canonical, F5, Gnu and 1 more | 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more | 2023-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. | |||||
| CVE-2019-9070 | 4 Canonical, F5, Gnu and 1 more | 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more | 2023-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. | |||||
| CVE-2023-39130 | 1 Gnu | 1 Gdb | 2023-08-03 | N/A | 5.5 MEDIUM |
| GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. | |||||
| CVE-2023-39129 | 1 Gnu | 1 Gdb | 2023-08-03 | N/A | 5.5 MEDIUM |
| GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. | |||||
| CVE-2023-39128 | 1 Gnu | 1 Gdb | 2023-08-03 | N/A | 5.5 MEDIUM |
| GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | |||||
| CVE-2015-20109 | 1 Gnu | 1 Glibc | 2023-07-31 | N/A | 5.5 MEDIUM |
| end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. | |||||
| CVE-2010-3856 | 1 Gnu | 1 Glibc | 2023-07-20 | 7.2 HIGH | N/A |
| ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. | |||||
| CVE-2023-36273 | 1 Gnu | 1 Libredwg | 2023-06-27 | N/A | 8.8 HIGH |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | |||||
| CVE-2023-36274 | 1 Gnu | 1 Libredwg | 2023-06-27 | N/A | 8.8 HIGH |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | |||||
| CVE-2023-36271 | 1 Gnu | 1 Libredwg | 2023-06-27 | N/A | 8.8 HIGH |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. | |||||
| CVE-2023-36272 | 1 Gnu | 1 Libredwg | 2023-06-27 | N/A | 8.8 HIGH |
| LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. | |||||
| CVE-2022-25310 | 2 Gnu, Redhat | 2 Fribidi, Enterprise Linux | 2023-06-23 | N/A | 5.5 MEDIUM |
| A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. | |||||
| CVE-2023-27985 | 1 Gnu | 1 Emacs | 2023-06-09 | N/A | 7.8 HIGH |
| emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90 | |||||